Cyber Incident Victim: Prairie Mountain Health
Date:
Apr 2017
Location:
Canada
Summary
A cybersecurity breach at Prairie Mountain Health compromised an internal website, potentially exposing personal and medical information of approximately 1,176 patients in the northern region along with data from 453 employees and affiliates. The regional health authority indicated the intrusion's primary purpose likely wasn't data theft but acknowledged identifiable details could have been accessed or copied. While assessing the likelihood of actual information compromise as low, the organization notified all affected individuals in writing following discovery of the incident. The breach impacted both client records and staff information, though specific data types weren't detailed beyond personal and medical identifiers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 5, 2017, Prairie Mountain Health (PMH) identified a security breach involving unauthorized access to an internal website. The regional health authority disclosed the incident publicly on May 27, 2017, stating the hack potentially exposed personal and medical information of patients and employees. The breach affected 1,176 clients in the northern portion of PMH’s service area and 453 PMH and affiliate employees. PMH emphasized the likelihood of personal information being compromised was low but acknowledged they could not definitively rule out that identifiable details were viewed or copied during the intrusion. The health authority did not specify the duration of unauthorized access prior to detection or the technical methods used in the attack.
PMH issued written notifications to all affected individuals following the discovery of the breach. In its public statement, the organization stated the intrusion did not appear specifically targeted at acquiring personal data but provided no further details about the attacker’s motives or origins. No information was disclosed regarding immediate containment measures taken after April 5 or whether external cybersecurity experts were engaged. The health authority did not report evidence of misuse of compromised data at the time of disclosure. The incident represented a potential risk to sensitive health information, though PMH maintained the probability of actual harm to affected individuals remained limited based on their assessment.